RobFIT, posted July 19, 2022

Hello,

I am constantly receiving this detection. I know this has also been marked as a vulnerability: NVD - CVE-2015-2291 (nist.gov)

C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\NIC_Intel_Firmware\iqvw64e.sys;Win64/Intel.A potentially unsafe application;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\miniunz.exe

Upgraded the endpoint version, scanned; detections are deleted, but it recurs. There's no DUP (Dell Update Package), and the NIC is a Broadcom, not an Intel.

Please advise how to clean it up once and for all.

Marcos (Administrators), posted July 19, 2022

If the application miniunz.exe is trusted and you run it on purpose, you can create a detection exclusion for the detected file. It can be misused only when used by an attacker or malware.

RobFIT (Author), posted July 19, 2022

56 minutes ago, Marcos said:
> If the application miniunz.exe is trusted and you run it on purpose, you can create a detection exclusion for the detected file. It can be misused only when used by an attacker or malware.

Thanks for your reply, Marcos.

But it's auto downloading / installing; I never run miniunz.exe.

Just wanted to know if this might be a false positive?

itman, posted July 19, 2022 (Solution)

3 hours ago, RobFIT said:
> But it's auto downloading / installing; I never run miniunz.exe.

Copy the hash value from the entry ESET quarantined. Then go to VirusTotal.com and perform a scan based on the hash value. If there are multiple AV vendor detections at VT, assume the file being downloaded is malicious.

CVE-2015-2291 tracks to an Intel Ethernet diagnostic driver vulnerability. I have linked Intel's article about it, which includes a patched updated driver: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html . I suggest you apply the driver update ASAP.
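
Added example, not part of any post in this thread: a small Python parser for the semicolon-delimited detection record quoted in the first post. It pulls out the program that created the detected file, the account it ran under, and whether the driver was written beneath that program's own folder. The field names and the `group_by_creator` helper are assumptions made for this example, not ESET's own names.

```python
import re
from collections import Counter
from ntpath import basename, commonpath, dirname

# Detection record exactly as quoted in the first post of this thread.
RECORD = (
    r"C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\NIC_Intel_Firmware\iqvw64e.sys;"
    r"Win64/Intel.A potentially unsafe application;cleaned by deleting;"
    r"NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: "
    r"C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\miniunz.exe"
)

# Assumed field names for this example; they are not ESET's own column names.
FIELDS = ("object", "detection", "action", "account", "info")
CREATOR_RE = re.compile(r"created by the application:\s*(.+)$")

def parse_record(line):
    """Split one semicolon-delimited record and pull out the creating process."""
    parts = [p.strip() for p in line.strip().split(";", len(FIELDS) - 1)]
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(FIELDS, parts))
    match = CREATOR_RE.search(rec["info"])
    rec["creator"] = match.group(1).strip() if match else None
    rec["staging_dir"] = None
    if rec["creator"]:
        creator_dir = dirname(rec["creator"])
        try:
            shared = commonpath([creator_dir, rec["object"]])  # case-insensitive on ntpath
        except ValueError:  # different drives, or relative mixed with absolute
            shared = ""
        if creator_dir and shared.lower() == creator_dir.lower():
            rec["staging_dir"] = creator_dir  # detected file sits under the creator's folder
    return rec

def group_by_creator(lines):
    """Count detections per (creator file name, account), ignoring the folder name."""
    counts = Counter()
    for line in lines:
        rec = parse_record(line)
        name = basename(rec["creator"]).lower() if rec["creator"] else "<unknown>"
        counts[(name, rec["account"])] += 1
    return counts

if __name__ == "__main__":
    for key, value in parse_record(RECORD).items():
        print(f"{key:12} {value}")
```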

RobFIT (Author), posted July 22, 2022

On 7/19/2022 at 4:56 PM, itman said:
> Copy the hash value from the entry ESET quarantined. Then go to VirusTotal.com and perform a scan based on the hash value. If there are multiple AV vendor detections at VT, assume the file being downloaded is malicious.
>
> CVE-2015-2291 tracks to an Intel Ethernet diagnostic driver vulnerability. I have linked Intel's article about it, which includes a patched updated driver: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html . I suggest you apply the driver update ASAP.

Thanks, buddy. Will test it. Sorry for the late reply.